An Improved Two-Factor Mutual Authentication …itiis.org/journals/tiis/digital-library/manuscript/file/...5558 Jiping Li et al.: An Improved Two-Factor Mutual Authentication Scheme

KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS VOL. 11, NO. 11, Nov. 2017 5556 Copyright ⓒ2017 KSII

An Improved Two-Factor Mutual Authentication Scheme with Key

Agreement in Wireless Sensor Networks

Jiping Li1, Yaoming Ding1, Zenggang Xiong1and Shouyin Liu2 1 School of Computer and Information Science, Hubei Engineering University

Xiaogan 432000, China [e-mail: [email protected]]

2 College of Physical Science and Technology, Central China Normal University Wuhan 430079, China

[e-mail: [email protected]] *Corresponding author: Yaoming Ding

Received April 30, 2017; revised June 24, 2017; accepted July 18, 2017;

published November 30, 2017

Abstract

As a main component of Internet of Things (IoTs), the wireless sensor networks (WSNs) have been widely applied to various areas, including environment monitoring, health monitoring of human body, farming, commercial manufacture, reconnaissance mission in military, and calamity alert etc. Meanwhile, the privacy concerns also arise when the users are required to get the real-time data from the sensor nodes directly. To solve this problem, several user authentication and key agreement schemes with a smart card and a password have been proposed in the past years. However, these schemes are vulnerable to some attacks such as offline password guessing attack, user impersonation attack by using attacker’s own smart card, sensor node impersonation attack and gateway node bypassing attack. In this paper, we propose an improved scheme which can resist a wide variety of attacks in WSNs. Cryptanalysis and performance analysis show that our scheme can solve the weaknesses of previously proposed schemes and enhance security requirements while maintaining low computational cost. Keywords: Mutual authentication, key-agreement, smart card, password, wireless sensor networks

The authors gratefully thank for the helpful suggestions of reviewers. This work is funded by Natural Science Foundation of Hubei Province of China under Grant No.2014CFB577 and partly supported by the National Natural Science Foundation of China under Grant No.61370223. https://doi.org/10.3837/tiis.2017.11.021 ISSN : 1976-7277

KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS VOL. 11, NO. 11, November 2017 5557

1. Introduction

Internet of Things (IoTs) is a novel paradigm and rapidly gains ground in the scenario of modern wireless telecommunications. A variety of pervasive things around us such as radio frequency identification tags, wireless sensor nodes, actuators, and mobile phones, etc., interact with each other and cooperate with their neighbors to reach common goals. US National Intelligence Council foresees that by 2025 internet nodes may reside in everyday things-food packages, furniture, paper documents, and more [1]. Though widespread diffusion of IoTs could contribute invaluably like the present internet to economic development, possible security threats should not be neglected. Towards the IoTs security, current researches mainly focus on three aspects: system security, network security and application security [2]. Wireless sensor networks (WSNs), which are the main component of IoTs, are used to collect data by deploying tens to thousands sensors in the target area [3, 4]. WSNs have been recently applied in all sorts of fields such as environmental monitoring, health monitoring of human body, farming, commercial manufacture, reconnaissance mission in military, and calamity alert [3, 4, 7, 9, 10]. Different from traditional wireless networks, sensor nodes in WSNs work in a limited power, limited storage capacity, limited computing ability, and limited communication ability environment [3, 4, 6, 7, 15, 16]. In general, we send user queries to and receive user queries from gateway node (GW). However, in some specific applications, users are required to get real-time data from sensor nodes directly instead of from the GW [3, 6, 7, 12]. Hence, how to permit only legitimate users to access the WSNs becomes very important.

To ensure the security of WSNs, several user authentication schemes have been proposed in the past decades. In 2006, a dynamic user authentication scheme was proposed by Wong et al. [5] by using only hash functions to improve sensor node’s computing efficiency. In 2007, Tseng H. R. et al. [6] pointed out that Wong et al.’s scheme has the vulnerability to replay and forgery attacks, and proposed a dynamic user authentication scheme with low computation cost for WSNs. In 2009, Das [7], however, demonstrated possible attacks such as many logged-in users with the same login-id threats as well as stolen-verifier attacks in Wong et al.’s scheme. To eliminate these weaknesses, an improved user authentication scheme in WSNs was proposed by Das with the help of a smart card and a password. In the subsequent years, several researchers, however, demonstrated that Das’s scheme is still susceptive to some attacks. In 2010, Chen and Shih [11] pointed out that Das’s scheme cannot provide mutual authentication between users and GW, and then put forward a mutual authentication scheme between two of the communicating parties which are composed of the user, the GW, and the sensor node. In 2010, He et al. [12] insisted that Das’s scheme is susceptive to insider attacks as well as impersonation attacks. In the same year, Khan, M. K. and Alghathbar, K. [10] pointed out that Das’s scheme has security weaknesses against GW bypassing attacks as well as privileged-insider attacks. In 2012, Vaidya et al. [13] pointed out that some attacks such as stolen smart card attacks, sensor node impersonation with node capture attacks are possible in Das’s scheme, Khan and Alghathbar’s scheme, and Chen and Shih’s scheme. In addition, he insisted that there is no key agreement in Das’s scheme. To overcome the pitfalls in the above mentioned schemes, Vaidya et al. put forward a novel two-factor user authentication scheme with key agreement for WSNs. In 2014, Kim et al. [17], however, pointed out that Vaidya et at.’s scheme [13] is vulnerable to GW bypassing attacks and user impersonation attacks either using secret data stored in sensor nodes or using an attacker’s own smart card. To remedy the security flaws in Vaidya et al.’s scheme [13], Kim et al. proposed an improved two-factor mutual authentication with key agreement in WSNs by storing secret data in unique cipher text

5558 Jiping Li et al.: An Improved Two-Factor Mutual Authentication Scheme with Key Agreement in Wireless Sensor Networks

form in each node. However, I-Pin Chang et al. [18] in 2015 analyzed the weaknesses of Kim et al.’s scheme, which are vulnerable to impersonation attacks, lost smart card attacks, man-in-the-middle attacks, violation of session key security, and invasion of user’s privacy. To eliminate these weaknesses, I-Pin Chang et al. proposed an efficient and secure authentication and key agreement scheme for WSNs based on Kim et at.’s scheme. However, in the current research, we found that Kim et al.’s scheme is still vulnerable to some attacks such as offline password guessing attacks, user impersonation attacks, sensor node impersonation attacks as well as gateway node bypassing attacks, besides the weaknesses pointed out by I-Pin Chang et al.

In this study, we first review Kim et al.’s scheme, and then analyze the weaknesses of Kim et al.’s scheme in terms of offline password guessing attack, user impersonation attack, sensor node impersonation attack, and gateway node by passing attack. To eliminate the weaknesses in Kim et al.’s scheme, we propose an improved user authentication and key agreement scheme for WSNs based on Kim et al.’s scheme. Finally, cryptanalysis and performance analysis are presented to show that our scheme not only solves the weaknesses of previously proposed scheme, but also enhances security requirements while maintaining low computational cost.

The remainder of the paper is organized as follows. Section 2 presents a review of Kim et al.’s scheme. Section 3 is devoted to analyzing the security of Kim et al.’s scheme. An improved scheme is put forward in section 4. Security analysis of the proposed scheme is given in section 5, and performance analysis is followed in section 6. Finally, section 7 gives conclusions of this paper.

2. Review of Kim et al.’s Scheme In this section, we first list notations adopted in this paper, and then briefly review Kim et al.’s two-factor authentication and the key agreement scheme for WSNs. Kim et al.’s scheme [17] comprises registration, login, authentication and key agreement, and password change phases, which are described from subsection 2.1 to 2.4. The notations adopted in the remainder of this paper are shown in Table 1.

Table 1. Notations used in this paper Symbol Description

iU useri th− jS sensor nodej th−

GW Gateway node ,iID ipw

Identity and password of iU

jSID Identity of jS sID

Identify of smart card K Secret key known to only GW

sx Secret value generated by GW and shared between only GW and jS ( )h One-way hash function ,j iRN RN Random nonce of and respectivelyj iS S ,⊕ XOR and concatenation operation sK Session key


( , )f x k Pseudo-random function of variable x with key k ',i iT T Current timestamp of iU ',G GT T Current timestamp of GW

jT Current timestamp of jS T∆

The maximum of transmission delay time permitted

2.1 Registration Phase

In the registration phase, iU selects iID and ipw , and generates a random nonce rRN , then computes _ ( || )i i rH PW RNh pw= and sends the registration request { , ( )}i iID h pw to GW. Once receiving the registration request from iU , the GW computes _ ( || )i iH ID h ID K= ,

( _ || ) ( _ || )i i ii H PW Xs H ID KA h h⊕= , ( _ )i i iB H PW Xsh ⊕= and ( || _ )i i s iC Xs h ID H PW= ⊕ , and then personalizes a smart card with sID , _ iH ID , ( )h ⋅ , iA , iB and iC . After personalizing the smart card, then the GW sends the smart card to iU through a secure channel. When receiving the smart card from the GW, iU computes _ ( )i i rX PW h pw RN= ⊕ and writes _ iX PW to

the smart card. The detailed registration phase of Kim et al.’s scheme is illustrated in Fig. 1.

_ ( || )( _ || )

( _ || ) ( _ || )( _ )

( || _ )_

( , )

_ ( || ), _ ( )

, , ( ), , ,

s

i i

i i r

i i

i i

i i s

i i i i

i i i

i i s i

s i i i i

i

H ID h ID KXs h H ID xA h H PW Xs h H ID KB h H PW XsC Xs h ID H PWID H ID A B C

U GW K xselects ID and pwH PW h pw RN

ID H PW through securechannel

h smart car

=== ⊕= ⊕= ⊕

=

→

_ ( )_

( )i i r

i

X PW h pw RNX PW

dsmart card through secure channel

smartcard= ⊕→

Fig. 1. Registration phase of Kim et al.’s scheme

2.2 Login Phase

In the login phase, iU inserts his/her smart card into a terminal and inputs *iID and *

ipw . The

smart card computes * ** ( _ )i ii h H PW XsB = ⊕ and then verifies *i iB B= ? If it does not hold, the

smart card aborts this request; Otherwise, iU computes * * *( _ || ) ( || || )i i i i i iDID h H PW Xs h Xs RN T= ⊕ , *( || || || )

iU G i i i ih A Xs RN TM − = and *i i iRN Xsv ⊕= , where iRN is a nonce and iT the current

timestamp. Then iU sends the login request { , , , , _ }i U G i i iiDID M T H IDv− to the GW. The

detailed login phases of Kim et al.’s scheme are illustrated in Fig. 2.


* *

* *

* *

* * *

*

* * *

*

*

*

( ) _

_ ( || )

( || _ )

( _ )

( _ || ) ( || || )

( || || || )

( , )

?

r i i

i i s i

i i i

i i

i i i i i i

U G i i i i

i i i

i

i s

i ri

U

RN h pw X PW

H PW h pw RN

Xs C h ID H PW

B h H PW Xs

B B

DID h H PW Xs h Xs RN T

M h A Xs RN T

RN Xs

GW K x

v−

= ⊕

=

= ⊕

= ⊕

=

= ⊕

=

= ⊕{ , , , , _ }i U G i i ii

DID M T H IDv−

Fig. 2. Login phase of Kim et al.’s scheme

2.3 Authentication and Key Agreement Phase In this phase, the iU , GW and jS send and receive authentication requests from one another to enable iU and jS to authenticate each other, and to negotiate a secret key. The detailed phases are illustrated in Fig. 3.

When receiving the authentication request from iU , the GW checks the validity of iT by verifying if ( )G iT T T− ≤∆ , where GT is the current timestamp of the GW system. If it does not hold, the authentication phase is aborted; Otherwise, the GW first computes

* * *(( ( _ || ))|| || || )U G i i ii iM h X h H ID K Xs RN T− = ⊕ and then verifies * ?U G U Gi iM M− −= , where U Gi

M −

comes from iU s′ login request { , , , , _ }U Gii i i iDID M T H IDv− . If *U G U Gi i

M M− −= does not hold, the authentication phase is aborted; otherwise, the GW computes ( || || || )G S Gj j jM DID SID Xs Tih− = ,

and then sends authentication request { , , }G S GjiDID M T− to jS , where jS is the nearest sensor

node for iU . When receiving the authentication request { , , }GG S jiDID M T− from the GW, jS checks the

validity of GT by verifying if ( )j GT T T− ≤∆ , where jT is the current timestamp of jS . If it does not hold, the authentication phase is aborted; otherwise, jS computes * *( || || || )

jG S i j j GM DID SID Xs Th− =

and verifies * ?G S G Sj jM M− −= , where G S j

M − comes from the GW’s authentication request

{ , , }ji G S GDID M T− . If *

G S G Sj jM M− −= does not hold, the authentication phase is aborted; otherwise,

jS computes *j j jy RN Xs= ⊕ and *( || || )

j j jS G iM h Xs Tz− = , and then sends authentication request

{ , , }j S G jjy M T− to the GW.

When receiving authentication request { , , }j S G jjy M T− from jS , the GW checks the validity

of jT by verifying if '( )G jT T T− ≤∆ , where 'GT is the current timestamp of the GW. If it does not


hold, the authentication phase is aborted; otherwise, the GW computes * *( || || )j i j jS GM h Xs Tz− =

and verifies *j jS G S GM M− −= ? If it does not hold, the authentication phase is aborted; otherwise, the

GW computes '( || || || || )jG U i G S U G i Gi i

M h DID M M Xs T− − −= , *i i iXsw z= ⊕ , i j iRN Xsy = ⊕ and j j jq Xs RN= ⊕ ,

and then sends the authentication request '{ , , , , }i i G U j Giy w M q T− to iU .

iU ( , )sGW K x *( , )j j jS SID Xs( ) ?verifying Gi i TT by T Tcheck ≤∆−

( _ || )si iXs h H ID x=

i i iRN Xsv ⊕=* ( || || )i i i iX DID h Xs RN T= ⊕* * *(( ( _ || ))|| || || )i i i iU Gi

M h X h H ID K Xs RN T− = ⊕* ?U G U Gi i

M M− −=

( || )sj js h SIDX x=( || || || )

j j jG S GiM h DID SID Xs T− ={ , , }GjG SiDID M T−

( ) ?verifying jG G TT by T Tcheck ≤∆−* *( || || || )Gj i j jG SM h DID SID Xs T− =*

j jG S G SM M− −= ？*

j j jRN Xsy = ⊕*

ji jG SM RNz −= ⊕*( || || )j jS Gj iM h z Xs T− =

{ , , }jj jS GM Ty −

'verifying ( ) ?j jGcheckT by T T T− ≤∆

j j jRN y Xs= ⊕*

ji jG SM RNz −= ⊕ 　

* *( || || )j i j jS GM h Xs Tz− =

*S GjjS G MM −− = ？

'( || || || || )Gji iG U G S U Gi iM h DID M M Xs T− − −=

*i i i j i j j jiXs RN Xs Xs RNz y qw= ⊕ = ⊕ = ⊕，，

'{ , , , , }G Ui i j GiM Ty w q−

' ''( )G Giby verifyingcheck T T T T− ≤∆ ？*

j i i i i iRN Xs Xsy z w= ⊕ = ⊕ 　，* *

j i jG SM RNz− = ⊕* * '( || || || || )

ji iG U G S U G Gi iM h DID M M Xs T− − −=

*G U G Ui i

M M− −= ？

j j jXs RNq= ⊕

(( || ), )i j jSK f DID RN Xs= (( || ), )i j jSK f DID RN Xs=

'Response to queryiU s　

Fig. 3. Authentication-key agreement phase of Kim et al.’s scheme


When receiving authentication request '{ }, , , ,i i jG U Giy w M q T− from the GW, iU checks the

validity of 'GT by verifying if ' '( )i GT T T− ≤∆ , where '

iT is the current timestamp of iU .When it does not hold, the authentication phase is aborted; otherwise, iU computes

* * '( || || || || )ji G S i GiG U U Gi

M h DID M M Xs T−− −= and verifies *G U G Ui i

M M− −= ?, where G UiM − comes from the

GW’s authentication request '{ , , , , }i i G U j Giy w M q T− . If it does not hold, the authentication

phase is aborted; otherwise, iU computes j j jXs q RN= ⊕ and (( || ), )S i j jK f DID RN Xs= .With the

computed session key (( || ), )S i j jK f DID RN Xs= , jS responses to 'iU s query in a secure way.

2.4 Password Change Phase In the password change phase, iU can change the existing password to a new one without communicating with the GW.

When changing password, iU inserts his/her smart card into a terminal and inputs *iID , *

ipw and nipw , where nipw is '

iU s new password. Then the smart card computes * *( ) _r i iRN pw X PWh ⊕= , * * *_ ( || )i i rH PW h pw RN= , * *( || _ )i i s iXs C h ID H PW= ⊕ and * * *( _ )i i iB h H PW Xs= ⊕ ,

and verifies *i iB B= ?, where iB is the value stored in the memory of the smart card in the

registration phase. If *i iB B= does not hold, the password change phase is aborted; otherwise,

the smart card computes *_ ( || )ni ni rH PW pw RNh= , * * *( _ || ) ( _ || )ni i i i ni iA A h H PW Xs h H PW Xs= ⊕ ⊕ , *( _ )ni ni iB h H PW Xs= ⊕ and * ( || _ )ni i s niC Xs h ID H PW= ⊕ , and then replaces the existing values

iA , iB and iC with the new values niA , niB and niC .

3. Security Analysis of Kim et al.’s Scheme In this section, we give detailed analysis towards the weaknesses of Kim et al.’s authentication and key agreement scheme. From subsection 3.1 to 3.4, four possible attacks are analyzed on the assumption that all messages sent or received between communication parties can be eavesdropped on or intercepted by an attacker. It is also assumed that the data stored in a smart card can be read by an attacker by using side channel attacks [3, 7, 8, 14, 19, 20].

3.1 Offline Password Guessing Attack

Since iB and iC are stored in 'iU s smart card, an attacker can obtain '

iU s password by using offline password guessing attack. Besides password iPW and identity iID , some important secrets such as sx and K can also be derived. The detailed analysis is shown as follows.

Step1 Attacker aU read sID , ( )h , _ iH ID , _ iX PW , iA , iB and iC from 'iU s smart card in the

manner as those used in the works [3, 7, 8, 14, 19, 20]. Step2 aU arbitrarily chooses a random nonce as _ iH PW (instead of deriving _ iH PW ), and

verifies if ( _ ( || _ ))i i i s iB h H PW C h ID H PW= ⊕ ⊕ holds or not. If unsuccessful, repeats step 2; otherwise, the next step proceeds.

Step3 In the similar way used in step 2, aU arbitrarily guesses a password ipw (instead of deriving ipw ), and then verifies if _ ( ||( ( )))i i i iH PW h X_PW hpw pw= ⊕ holds or not. If


unsuccessful, repeats Step 3; otherwise, the next step proceeds. Step4 Deriving secret iXs . iXs can be derived according to the equation ( _ )i i s iXs C h ID H PW= ⊕

since _ iH PW is guessed in Step 2. Step5 Guessing secret sx . aU arbitrarily chooses a random nonce as sx , and then verifies if

( _ || )i i sXs h H ID x= holds or not. If unsuccessful, repeats step 5; otherwise, the next step proceeds.

Step6 Guessing secret K . aU arbitrarily chooses a random nonce as K , and then verifies if ( _ || ) ( _ )i i i iA h H PW Xs h H ID K= ⊕ holds or not. If unsuccessful, repeats step 6;

otherwise, the next step proceeds. Step7 Guessing '

iU s identity. aU arbitrarily chooses a random nonce as iID , then verify if _ ( || )i iH ID h ID K= holds or not. The guessing and verifying operation repeats until the

equation _ ( || )i iH ID h ID K= holds.

3.2 User Impersonation Attack A legitimate user can act as an attacker and launch a user impersonation attack with his/her

own personalized identity aID and password apw .The detailed registration and login processes are shown as follows. Step1 aU arbitrarily selects aID and apw . Step2 aU generates a random nonce as aRN and computes _ ( || )a a aH PW h RNpw= , and then

sends the registration request }_,{ aa PWHID to the GW in a secure channel. Step3 When receiving the registration request }_,{ aa PWHID from aU , the GW successively

computes )||(_ KIDhIDH aa = , )||( saa xIDhXs = , )||_()||_( KIDHhXsPWHhA aaaa ⊕= , )_( aaa XsPWHhB ⊕= , and )_||( asaa PWHIDhXsC ⊕= , and personalizes the smart

card with sID , _ aH ID , ( )h , aA , aB and aC , and then sends the smart card to aU in a secure channel.

Step 4 aU computes _ ( )a a aX PW h RNpw= ⊕ , and adds _ aX PW to the smart card. Step 5 aU inputs *

aID and *apw .

Step6 The smart card successively computes * *( ) _a a aRN h pw X PW= ⊕ , * * *_ ( || )a a aH PW h pw RN= , * *( || _ )a a s aXs C h ID H PW= ⊕ , and * * *( _ )a a aB h H PW Xs= ⊕ , and then verifies if * ?a aB B=

Obviously *a aB B= holds, so the next step proceeds.

Step7 The smart card generates a random nonce as aRN , and then successively computes * * *( _ || ) ( || || )a a a a a aDID h H PW Xs h Xs RN T= ⊕ , *( || || || )U G a a a aaM h A Xs RN T− = , and *

a a av RN Xs= ⊕ , where aT is the current timestamp of aU . Then the smart card sends authentication request }{ , , , , _

aa U G a a aDID M v T H ID− to the GW. Step8 When receiving the authentication request , , , ,{ _ }

aa U G a a aDID M v T H ID− from aU , the GW checks the validity of aT by verifying if ( )G aT T T− ≤∆ ? ,where GT is the current timestamp of GW system. If it does not hold, the authentication phase is aborted; otherwise, the next step proceeds.

Step9 The GW successively computes ( _ || )a a sXs h H ID x= , a a aRN v Xs= ⊕ , * ( || || )a a a aX DID h Xs RN T= ⊕ and * *(( ( _ || ))|| || || )U G a a a aaM H X h H ID K Xs RN T− = ⊕ , and then verifies if *

U G U Ga aM M− −=


holds or not. Obviously, *U G U Ga aM M− −= holds, so aU is authenticated by the GW.

Once aU is authenticated by the GW, a mutual authentication between aU and jS is completed successfully with the help of the GW. In addition, the smart card and jS both compute a session key (( || ), )a j jsK f DID RN Xs= and share it when communicating.

3.3 Sensor Node Impersonation Attack In Kim et al.’s scheme, if an attacker aU captures jS deployed in unattended environments,

he/she can extracts ( || )j j sSIDXs h x= from it. Once eavesdropping on or intercepting 'iU s login

request { , , , , _ }U Gii i i iDID M T H IDv− , aU forges a valid sensor node jS and completes mutual authentication between iU and aU .With the help of session key (( || ), )a j jsK f DID RN Xs= ,

aU can send fake message to iU . The detailed steps are shown as follows. Step1 aU strives to capture jS , and then extracts jSID and jXs stored in jS .

Step2 aU eavesdrops on or intercepts 'iU s login request { , , , , _ }U Gii i i iDID M H IDv T− sent to

the GW, and then extracts 'iU s dynamic identity iDID .

Step3 When intercepting the authentication request { , , }GjG SiDID M T− from the GW to jS ,

aU checks the validity of GT by verifying if ( )GaT T T− ≤ ∆ ?, where aT is the current timestamp of aU system. If it does not hold, the authentication request is aborted; otherwise, the next step proceeds.

Step4 aU computes * || )( || || GG U j ja i TM h DID SID Xs− = , and then checks if * ?G U G Sa jMM − −= Since it

holds, the next step proceeds. Step5 aU generates a random nonce aRN and uses the extracted jXs , which is previously stored

in jS , to successively compute a a jy RN Xs= ⊕ , G U aai M RNz −= ⊕ and ( || || )U Ga i j aM h z Xs T− = , and then sends the authentication request{ , , }aU Gaa M Ty − to the GW.

Step6 When receiving the authentication request { , , }aU Gaa M Ty − from aU , the GW checks if '( ) ?G aT TT − ≤∆ , where '

GT is the current timestamp of the GW. If it does not hold, the authentication request is aborted; otherwise, the next step proceeds.

Step7 The GW computes a a jRN y Xs= ⊕ , *G S aji M RNz −= ⊕ , * *( || || )U G ja i aM h Xs Tz− = , and then checks

if * ?U G U Ga aMM − −= Since *U G U Ga aMM − −= holds, the next step proceeds.

Step8 The GW successively computes '( || || || || )G U G U U G Ga ai i iM h DID M M Xs T− − −= , *i i iXszw = ⊕ ,

a ii RN Xsy = ⊕ , and aaa RNXsq ⊕= , and then sends the authentication request '{ , , , , }GG Ui ai i M Ty w q− to iU .

Step9 When receiving the authentication request '{ , , , , }GG Ui ai i M Ty w q− , iU checks if ' ' ) ?( Gi TT T ≤∆− If it does not hold, the authentication request is aborted; otherwise, the

next step proceeds. step10 The smart card successively computes a i iRN y Xs= ⊕ , *

i i iw Xsz = ⊕ , *G S j aiM RNz− = ⊕ ,

* * ' )( || || || ||G U G S U G Gj ii iiM h DID M M Xs T− − −= , and then checks if * ?G U G Ui iMM − −= Since


*G U G Ui i

MM − −= holds, the mutual authentication between iU and aU is completed

successfully.

3.4 Gateway Node Bypassing Attack In Kim et al.’s scheme, aU can derive iXs from the smart card by offline password guessing attack stated in section 3.1, and extract jSID from a captured sensor node jS .Once eavesdropping on the authentication request }{ , , , , _U Gii i i iTDID M H IDv− from iU to the GW,

aU can launch gateway node bypassing attack with the obtained iXs and jSID . The detailed phases of gateway node bypassing attack are shown as follows.

Step1 aU extracts jSID from a compromised sensor node jS and derives iXs from iU s′ smart card in the method stated in section 3.1.

Step2 aU eavesdrops on the authentication request }{ , , , , _U Gii i i iTDID M H IDv− from iU to the GW.

Step3 With the extracted jSID , iXs , and the intercepted message }{ , , , , _U Gii i i iTDID M H IDv− ,

aU successively computes a iRN Xsiy = ⊕ , ( || || || )G S j i j i aM h DID SID Xs T− = , *G Si aj

M RNz −= ⊕ ,

*i i iXsw z= ⊕ , and ' )( || || || ||G U U Gji i aG Si i

sM h DID M M X T− −−= , where aT and 'aT are the

current timestamp of aU system, aRN is a random nonce generated by aU , and then aU forges the authentication message transmitted from the GW to iU in

authentication-key agreement phase using ', , ,{ }G Ui i aiy w M T− .

Step4 When receiving ', , ,{ }G Ui i aiy w M T− from aU , iU checks if ' )( U a TT T ≤∆− , where UT is the

current timestamp of iU system, and checks if ' ) ?( U a TT T ≤∆− If it does not hold, this phase is aborted; otherwise, the next step proceeds.

Step5 The smart card successively computes a i iRN y Xs= ⊕ , *i i iXsz w= ⊕ , *

G S i ajM RNz− ⊕= ,

and * ' )( || || || ||G U G S Ui i aGi j iM h DID M M Xs T− − −= , and then checks if * ?G U G Ui i

M M− −= Since

*G U G Ui i

M M− −= , iU regards ', , , }{ G Ui i aiw M Ty − as being transmitted from the GW.

Therefore, aU can communicate with iU using session key (( || ), )s i a iK f DID RN Xs= .

4. The Proposed Scheme

To overcome the weaknesses in Kim et al.’s scheme presented in section 3, we propose an improved scheme in this section. The detailed phases of the proposed authentication and key agreement scheme are presented from subsection 4.1 to 4.4.

4.1 Registration Phase In Kim et al.’s scheme, any legitimate user can register with the GW using his/her

identity iID and masked password _ iH PW . This will bring about serious security risks because any attacker may launch user impersonation attack by using his/her smart card. In addition,


'i sU password and some important secrets can be derived through offline password guessing

attack. In order to overcome these security weaknesses, the registering process can be improved as follows in detail. R-1 iU sends its identity iID to GW in a secure channel.

R-2 GW computes *_ ( || )i iH ID h ID K= and stores *_ iH ID in its memory. R-3 iU selects ipw , generates a random nonce rRN , and then computes _ ( || )i i rH PW h pw RN= ,

and sends registration message ,{ _ }i iID H PW to the GW in a secure channel.

R-4 The GW computes _ ( || )i iH ID h ID K= and verifies if *_ _i iH ID H ID= . If it does not hold, the registration process is aborted; otherwise, the next step proceeds.

R-5 The GW successively computes ( _ || )||i i sXs h H ID x K= ， ( _ || ) ( _ || )i i i iA h H PW Xs h H ID K= ⊕ ，

( _ ( ))i i iB h H PW Xs h K= ⊕ ⊕ ， ( || _ )i i s iC Xs h ID H PW= ⊕ ，and personalizes the smart card with sID , _ iH ID , ( )h ⋅ , iA , iB and iC , and then delivers the smart card to iU in secure methods.

R-6 iU computes _ ( )i i rX PW h pw RN= ⊕ and adds _ iX PW to the smart card.

4.2 Login Phase

In login phase, iU inserts his/her smart card into a terminal and inputs *iID and *

ipw . If the identity of the user is verified, iU transmits the authentication message to the GW. The following shows the detailed login phase. L-1 iU inserts his/her smart card into a terminal and inputs *

iID and *ipw .

L-2 The smart card successively computes * *( ) _r i iRN h pw X PW= ⊕ ， * * *_ ( || )i i rH PW h pw RN= ，* *( || _ )i i s iXs C h ID H PW= ⊕ , * *( ) ( || )H_PWi i iKh A h Xs= ⊕ , ** ( ( ))*

i i iH_PW KB h Xs h= ⊕ ⊕ , and then compares *

iB with iB . If *i iB B= , the next step proceeds; otherwise, the login phase is

aborted. L-3 The smart card generates iRN , and then computes * * *( _ || ) ( || || )i i i i i iDID h H PW Xs h Xs RN T= ⊕ ,

*( || || || )U G i i i iiM h A Xs RN T− = , *

i i iRN Xsv = ⊕ , where iT represents 'i sU the current timestamp.

Finally, the smart card transmits the authentication message , , , , }{ _U Gii i i iDID M T H IDv− to the GW.

4.3 Authentication and key Agreement Phase The authentication and key agreement phase begins when the GW receiving an

authentication message from iU . In this phase, sending and receiving authentication request is performed among iU , the GW and jS . The detailed phases are shown as follows.

A-1 The GW checks if ( ) ?G iT T T− ≤∆ , where GT represents the GW system’s current timestamp. If ( )G iT T T− ≤∆ holds, the next step proceeds; otherwise, this phase is aborted.

A-2 The GW computes ( _ || )||i i sXs h H ID x K= , i i iRN Xsv ⊕= , * ( || || )i i i iX DID h Xs RN T= ⊕ , * ** (( ( _ || ))|| || || )U Gi i i i iM h X h H ID K Xs RN T− = ⊕ , and then compares *

U GiM − with U Gi

M − . If


*U G U Gi i

M M− −= , the next step proceeds; otherwise, this phase is aborted.

A-3 GW computes ( || )j j sXs SIDh x= , || || || || )(G S Gj i j j sM DID SID Xs Th x− = , where jS represents the

nearest sensor node replying to 'i sU request, and then sends the authentication

request , , }{ GG S jiDID M T− to jS .

A-4 jS checks if ( ) ?GjT T T− ≤∆ , where jT is the current timestamp of jS . If it holds, the next step proceeds; otherwise, this phase is aborted.

A-5 jS computes * *( || || || || )G S Gj i j j sM DID SID Xs Th x− = , where * ( || )j j sXs SID xh= is stored in jS before it

is deployed in a designated field, and then compares *G S j

M − with G S jM − . If *

G S G Sj jM M− −=

holds, the next step proceeds; otherwise, this phase is aborted.

A-6 jS generates a random nonce jRN and computes *j j jy RN Xs= ⊕ , *

G S ji jM RNz −= ⊕ , *( || || )S G i j jj

M h Xs Tz− = , and then sends the authentication request { , , }S Gjj jy M T− to the GW.

A-7 The GW checks if '( ) ?jGT T T− ≤∆ , where 'GT is the current timestamp of the GW. If

'( )jGT T T− ≤∆ holds, the next step proceeds; otherwise, this phase is aborted.

A-8 The GW successively computes j j jRN Xsy ⊕= , *G S ji jM RNz −= ⊕ , ** ( || || )

j j jS G ih Xs TM z− = ,

and then compares *S Gj

M − with S GjM − . If *

S G S Gj jM M− −= holds, the next step proceeds;

otherwise, this phase is aborted. A-9 The GW computes '( || || || || )G S U G Gji iG U ii

M h DID M M Xs T− −− = , *i i iw z Xs= ⊕ , i j iy RN Xs= ⊕ ,

and j j jq Xs RN= ⊕ , and then sends authentication request '{ , , , , }jG U Gii i M q Ty w − to iU .

A-10 iU checks if ''( ) ?GiT T T− ≤∆ , where 'iT is the current timestamp of iU . If ''( )GiT T T− ≤∆

holds, the next step proceeds; otherwise, this phase is aborted. A-11 The smart card successively computes j i iRN Xsy ⊕= , *

i i iw Xsz = ⊕ , * *G S j i jM z RN− = ⊕ ,

and * * '( || || || || )G S U G Gii iG U jiM h DID M M Xs T− −− = ,and then compares *

G UiM − with G Ui

M − . If *G U G Ui i

M M− −= holds, the next step proceeds; otherwise, this phase is aborted. A-12 The smart card computes (( || ), )S i j jK f DID RN Xs= to obtain a session key, with which

iU can communicate with jS . Meanwhile, jS also computes (( || ), )S i j jK f DID RN Xs= to share a session key with iU , where j j jRNXs q ⊕= .

4.4 Password Change Phase In this phase, iU can freely change the existing password to a new one without

communicating with the GW. The detailed password change phases are shown as follows. P-1 iU inserts his/her smart card into a terminal and inputs *

iID , *ipw and new password nipw .

P-2 The smart card successively computes * *( ) _r i iRN h pw X PW= ⊕ , * * *_ ( || )i i rH PW h pw RN= , * *( || _ )i i s iXs C h ID H PW= ⊕ , * * *( _ )i i iB h H PW Xs= ⊕ , and then compares *

iB with iB .If


*i iB B= holds, the next step proceeds, otherwise, this phase is aborted.

P-3 The smart card computes *_ ( || )ni ni rH PW h RNpw= , * * *( _ || ) ( _ || )ni i i i ni iA A h H PW Xs h H PW Xs= ⊕ ⊕ , *( _ )ni ni iB h H PW Xs= ⊕ , * ( || _ )ni i s niC Xs h ID H PW= ⊕ , and then replaces the existing

values iA , iB and iC with the new values niA , niB and niC .

5. Security Analysis of the Proposed Scheme In this section, we first analyze the security of the proposed scheme on the assumptions declared in section 3, and discuss the security of our scheme according to the security requirements stipulated in section 4 of Kim et al.’s scheme [17]. Table 2 shows a security comparison of the proposed scheme with related schemes.

Table 2. Security comparison with other related schemes.

Security features

Das’s Scheme[7]

Khan and Alghathbar’s scheme[10]

Vaidya et al.’s

Scheme[13]

Kim et al.’s scheme[17]

I. P. Chang et al.’

scheme[18]

The proposed Scheme

Resists offline password guessing attacks

No No No No No Yes

Resists replay attacks Yes Yes Yes Yes Yes Yes

Resists user impersonation

attacks No No No No Yes Yes

Resists gateway node

bypassing attacks

No No No No Yes Yes

Resists parallel

session attacks No No Yes Yes Yes Yes

Resists sensor node capture

attacks No No No No No Yes

Resists lost smart card

attacks No No Yes No No Yes

Resists stolen-verifier

attacks Yes Yes Yes Yes Yes Yes

Realizes mutual

authentication No No Yes Yes Yes Yes

Provides key agreement No No Yes Yes Yes Yes

Provides password

change phase No Yes Yes Yes Yes Yes


Offline password guessing attacks: The proposed scheme can resist offline password guessing attacks because another secret ( )Kh is needed in the guessing equation

( _ ( || _ ) ( ))i i i s iB h H PW C h ID H PW h K= ⊕ ⊕ ⊕ . In the guessing equation, iB , iC , and sID can be extracted from '

i sU smart card, however, it’s difficult to guess the hashed password _ iH PW because ( )Kh cannot be obtained.

Replay attacks: In the proposed scheme, all authentication messages transmitted between communication parties have current timestamps, such as iT of , , , , }{ _U Gii i i iDID M T H IDv− , so our scheme can resist replay attacks.

User impersonation attacks: In the proposed scheme, an attacker cannot create valid authentication message { , , , , _ }U Gii i i iDID M H IDTv− because he/she cannot compute the secret data sx . Therefore, user impersonation attacks can be resisted.

Gateway node bypassing attacks: In the proposed scheme, an attacker cannot create valid authentication message '{ , , , , }i i jG U Gi

y w M q T− because he/she cannot compute the secret

data sx . Therefore, gateway node bypassing attacks can be resisted. Parallel session attacks: In the proposed scheme, random nonces such as iDID , U GiM −

and iv in , , , , }{ _U Gii i i iDID M T H IDv− are contained in all the authentication messages, so our scheme is secure against parallel session attacks.

Sensor node capture attacks: Though secret data such as jSID and *jXs can be obtained from a sensor node jS after being captured by an attacker, iXs for iU and sx for the GW cannot be computed. In addition, secret data of other sensor nodes except jS cannot be computed yet by the attacker.

Stolen smart card attacks and lost smart card attacks: Though sID , _ iH ID , ( )h ⋅ , iA , iB ,

iC and _ iX PW can be extracted from 'iU s smart card by an attacker aU , any secret data

( )Kh or sx cannot be computed for the attacker. Therefore, stolen smart card attacks and lost smart card attacks can be prevented in the proposed scheme.

Attacks by using adversary’s own smart card: In the proposed scheme, valid user’s masked identity *_ ( || )i iH ID h ID K= is stored in the memory of the GW in advance. In the registration phase, if an attacker aU hopes to register using his/her own identity aID , the registration procedure is aborted because the computed _ ( || )a aH ID ID Kh= by the GW is not equal to *_ ( || )i iH ID ID Kh= . Therefore, attacks by using adversary’s own smart card can be resisted in the proposed scheme.

Privileged-insider attacks: Since ipw is transmitted as a digest of some other secret components, privileged-insider attacks can be prevented in the proposed scheme.

Stolen-verifier attacks: Though all valid users’ masked identities are kept in the memory of the GW in the proposed scheme, a valid user’s identity iID cannot be derived, so the stolen-verifier attacks can be prevented in our scheme.

, , :Mutual authentication key agreement and password change phase In the design of the proposed scheme, mutual authentication between two communicating parties, key agreement between iU and jS , and password change phase are also taken into account.


6. Performance Analysis of the Proposed Scheme Due to the limited resource of sensor nodes, it’s very important to conceive an authentication scheme with low computation and low communication cost in WSNs. In this section, we evaluate the computation and communication cost of the proposed scheme in terms of the number of hash and XOR operations. To give a clear illustration, comparison is performed among related schemes: Das’scheme [7], Khan and Alghathbar’s scheme [10], Vaidya et al.’s scheme [13], Kim et al.’s scheme [17] and I-Pin Chang et al.’s scheme [18]. Comparing with Kim et al.’s scheme, our scheme can overcome offline password guessing attack, user impersonation attack by using his/her own smart card, sensor node impersonation attack, and gateway node bypassing attack with the increase of 2H operation plus 1X in the registration phase, and 2H plus 2X operations in the login phase, however, and with the decrease of 1X operation in the Authentication and key agreement phase, where H and X represent the number of hash operations and the number of XOR operations, respectively. The detailed comparison results are shown in Table 3 according to the computation and communication cost.

Table 3. Performance comparison with other related schemes.

Phase Das’s

scheme [7]

Khan and Alghathbar’s

scheme [10]

Vaidya et al.’s

Scheme [13]

Kim et al.’s

scheme [17]

I. P. Chang et al.’

scheme [18]

Our scheme

Registration phase

iU 0 1H 1H 2H+1X 2H+1X 2H+1X

GW 3H+1X 2H+1X 4H+3X 6H+3X 5H+3X 8H+4X

jS 0 0 0 0 0 0

Login phase iU 3H+1X 3H+1X 6H+4X 7H+5X 7H+4X 9H+7X

GW 0 0 0 0 0 0

jS 0 0 0 0 0 0

Authentication and key

agreement phase

iU 0 0 1H+3X 1H+4X 2H+1X 1H+3X

GW 4H+2X 5H+2X 6H+6X 8H+8X 9H+4X 8H+8X

jS 1H 2H 2H+2X 2H+2X 3H+1X 2H+2X

Password change phase

iU - 3H+2X 8H+6X 9H+7X 9H+7X 9H+7X

GW - 0 0 0 0 0

jS - 0 0 0 0 0

Total 11H+4X 16H+6X 28H+24X 35H+30X 37H+21X 39H+32X


7. Conclusions In this study, we have crypto-analyzed a two-factor mutual authentication with key agreement in WSNs proposed by Kim et al., and demonstrated its vulnerability to offline password guessing attack, user impersonation attack by using his/her own smart card, sensor node impersonation attack and gateway node bypassing attack. To address the security weaknesses in Kim et al.’s scheme, we propose an improved two-factor mutual authentication with key agreement in WSNs. Security analysis and performance comparison show that our scheme can eliminate various weaknesses in the existing user authentication with key agreement schemes in WSNs with negligible increase in computation or communication cost.

References [1] L. Atzori, A. Iera and G. Morabito, “The internet of Things: A survey,” Computer Networks, vol.

54, no. 15, pp. 2787–2805, June, 2010. Article (CrossRef Link) [2] H. Ning, H. Liu and L T. Yang, “Aggregated-proof based hierarchical authentication scheme for

the Internet of Things,” IEEE trans. on parallel and distribution systems, vol. 26, no. 3, pp. 657-667, March, 2015. Article (CrossRef Link)

[3] Yoon, E. J., Yoo, K. Y., “ Cryptanalysis of robust mutual authentication protocol for wireless sensor networks,” in Proc. of the 10th IEEE International Conference on Cognitive Informatics & Cognitive Computing, pp. 392-396, August 18-20, 2011. Article (CrossRef Link)

[4] Yick, J., Mukherjee, B., Ghosal, D., “Wireless sensor network survey,” Computer Networks, vol. 52, no. 12, pp. 2292-2330, August, 2008. Article (CrossRef Link)

[5] Wong K. H. M., Zheng, Y., Cao, J., Wang S., “A dynamic user authentication scheme for wireless sensor networks, ” In Proc.of the IEEE international conference on sensor networks, ubiquitous, and trustworthy computing, pp. 244-251, June 5-7, 2006. Article (CrossRef Link)

[6] Tseng H. R., Jan R. H., Yang W, “An improved dynamic user authentication scheme for wireless sensor networks,” In Proc. of the Global Telecommunications Conference, pp. 986-990, November 26-30, 2007. Article (CrossRef Link)

[7] Das, M. L., “Two-factor user authentication in wireless sensor networks,” IEEE Transactions on Wireless Communications, vol. 8, no. 3, pp.1086-1090, March, 2009. Article (CrossRef Link)

[8] Xu J., Zhu W. T., Feng D. G., “An improved smart card based password authentication scheme with provable security,” Computer Standards Interfaces, vol. 31, no. 4, pp. 723-728, June, 2009. Article (CrossRef Link)

[9] Nyang D. H., Lee M. K., “Improvement of Das’s two-factor authentication protocol in wireless sensor networks,” IACR Cryptology ePrint Archive, vol. 2009, pp. 1-5, 2009. Article (CrossRef Link)

[10] Khan, M. K., Alghathbar, K., “Cryptanalysis and security improvements of two-factor user authentication in wireless sensor networks,” Sensors, vol. 10, no. 3, pp.2450-2459, March, 2010. Article (CrossRef Link)

[11] Chen T. H., Shih W. K., “A robust mutual authentication protocol for wireless sensor networks,” Electronic Telecommunication Research Institute, vol. 32, no. 5, pp.704-712, October, 2010. Article (CrossRef Link)

[12] He D, Gao Y., Chan S., Chen C., Bu J., “An enhanced two-factor user authentication scheme in wireless sensor networks, ”Ad Hoc Sensor Wireless Networks, vol. 10, no. 4, pp. 361-371, January, 2010. Article (CrossRef Link)

[13] Vaidya B., Makrakis D., Mouftah H., “Two-factor mutual authentication with key agreement in wireless sensor networks,” Security and Communication Networks, vol. 9, no. 2, pp. 171-183, April, 2012. Article (CrossRef Link)

http://dx.doi.org/10.1016/j.comnet.2010.05.010

http://ieeexplore.ieee.org/document/6767153/

http://ieeexplore.ieee.org/document/6016171/


http://dx.doi.org/10.1109/SUTC.2006.1636182

http://dx.doi.org/10.1109/GLOCOM.2007.190

http://dx.doi.org/10.1109/TWC.2008.080128

http://dx.doi.org/10.1016/j.csi.2008.09.006

http://eprint.iacr.org/2009/631.pdf

http://dx.doi.org/10.3390/s100302450

http://dx.doi.org/10.4218/etrij.10.1510.0134

https://www.researchgate.net/publication/220419217_An_Enhanced_Two-factor_User_Authentication_Scheme_in_Wireless_Sensor_Networks

http://dx.doi.org/10.1002/sec.517


[14] Das A. K., Sharma P., Chatterjee S., Sing J. K., “A dynamic password-based user authentication scheme for hierarchical wireless networks,” Journal of Network and Computer Applications, vol. 35, no. 5, pp.1646-1656, September, 2012. Article (CrossRef Link)

[15] Li C. T., Weng C. Y., Lee C. C., “An advanced temporal credential-based security scheme with mutual authentication and key agreement for wireless sensor networks,” Sensors, vol. 13, no. 8, pp.9589-9603, July, 2013. Article (CrossRef Link)

[16] Yoo, S. G., Lee H., Kim J., “A performance and usability aware secure two-factor user authentication schemes for wireless sensor networks, ”International Journal of Distributed Sensor Networks, vol. 2013, no. 2, pp. 543950, January, 2013. Article (CrossRef Link)

[17] Kim J., Lee D., Jeon W., Lee Y. and Won D., “Security analysis and improvements of two-factor mutual authentication with key agreement in wireless sensor networks,” Sensors, vol. 14, no. 4, pp.6443-6462, April, 2014. Article (CrossRef Link)

[18] I-Pin Chang, Tian-Fu Lee, Tsung-Hung Lin and Chuan-Ming Liu, “Enhanced two-factor authentication and key agreement using dynamic identities in wireless sensor networks,” Sensors, vol. 15, no. 12, pp.29841-29854, November, 2015. Article (CrossRef Link)

[19] Turkanovic M., Holbl M., “An improved dynamic password-based user-authentication scheme for hierarchical wireless sensor networks,” Elektronika Ir Elektrotechnika, vol. 19, no. 6, pp. 109-116, June, 2013. Article (CrossRef Link)

[20] Xue K., Ma C., Hong P., Ding R., “A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks, ”Journal of Network and Computer Applications, vol. 36, no. 1, pp. 316-323, January, 2013. Article (CrossRef Link)

[21] Li Jiping, Ding Yaoming, Xiong Zenggang and Liu Shouyin, “An Improved Biometric-based User Authentication Scheme for C/S system,” International Journal of Distributed Sensor Networks, vol. 2014, no. 2, pp. 275341, January, 2014. Article (CrossRef Link)

[22] Debiao He, Neeraj Kumar, Naveen Chilamkurti, “A secure temporal-credential-based mutual authentication and key agreement scheme with pseudo identity for wireless sensor networks,” Information Science, vol. 321, no. 10, pp. 263-277, November, 2015. Article (CrossRef Link)

[23] Debiao He, Sherali Zeadally, “Authentication protocol for ambient assisted living system,” IEEE Communications Magazine, vol. 53, no. 1, pp.71-77, January, 2015. Article (CrossRef Link)

[24] Honglong Chen and Wei Lou, “On protecting end-to-end location privacy against local eavesdropper in wireless sensor networks,” Pervasive and Mobile Computing, vol. 16, Part A, pp. 36-50, January, 2015. Article (CrossRef Link)

[25] Honglong Chen, Guoliang Xue and Zhibo Wang, “Efficient and reliable missing tag identificaiton for large-scale RFID systems with unknown tags,” IEEE internet of things Journal, vol. 4, no. 3, pp. 736-748, February, 2017. Article (CrossRef Link)

[26] Zhibo Wang, Honglong Chen, Qing Cao, Hairong Qi, Zhi Wang and Qian Wang, “Achieving location error tolerant barrier coverage for wireless sensor networks,” Computer Networks, vol. 112, no. 15, pp. 314-328, January, 2017. Article (CrossRef Link)

[27] Zhibo Wang, Qing Cao, Hairong Qi, Honglong Chen and Qian Wang, “Cost-Effective Barrier Coverage Formation in Heterogeneous Wireless Sensor Networks,” Ad Hoc Networks, vol. 64, pp. 65-79, September, 2017. Article (CrossRef Link)

http://dx.doi.org/10.1016/j.jnca.2012.03.011

http://dx.doi.org/10.3390/s130809589

http://dx.doi.org/10.1155/2013/543950

http://dx.doi.org/10.3390/s140406443

http://dx.doi.org/10.3390/s151229767

http://dx.doi.org/10.5755/j01.eee.19.6.2038

http://dx.doi.org/10.1016/j.jnca.2012.05.010

http://dx.doi.org/10.1155/2014/275341

http://dx.doi.org/10.1016/j.ins.2015.02.010

http://dx.doi.org/10.1109/MCOM.2015.7010518

http://dx.doi.org/10.1016/j.pmcj.2014.01.006

https://ieeexplore.ieee.org/document/7843647/


http://dx.doi.org/10.1016/j.adhoc.2017.06.004


Jiping Li was born in Hubei Province, China, in 1972. He received M.S. degree in application of computer from Ocean University of China, Qingdao in 2006, and the Ph.D. degree in radio physics from Central China Normal University, Wuhan in 2012 respectively. He is presently an associate professor in computer science of Hubei Engineering University. His research interests include network security, wireless resource management and application of internet of things. Yaoming Ding was born in Hubei Province, China, in 1963. He received B.S. and M.S. degree in physic science from Central China Normal University, Wuhan in 1986 and in 2000 respectively. He received Ph.D. degree in Huazhong University of Science and Technology in 2011. He is presently a professor in physic science in Hubei Engineering University. His research interests include optical communication and security of wireless communication.

Zenggang Xiong was born in Hubei Province, China, in 1974. He received M.S degree in computer application from Hubei University in 2005 and Ph.D. degree in computer application from University of Science and Technology Being in 2009 respectively. He is presently a professor in computer science at Hubei Engineering University. His research interest includes cloud computing and big data. Shouyin Liu was born in Henan Province, China, in 1963. He received BS degree in physics in 1985 and MS degree in radio electronics in 1988 both from Central China Normal University, Wuhan, China, respectively. He received Ph.D. degree from Hanyang University, Korea in 2005 in electronic communication engineering. From 2004, he has been a professor at Central China Normal University. His current research interests include digital communication, WSN and location techniques.

Documents

An Improved Two-Factor Mutual Authentication …itiis.org/journals/tiis/digital-library/manuscript/file/...5558 Jiping Li et al.: An Improved Two-Factor Mutual Authentication Scheme